0
Votes

Include MAC and IP address in Threat Management screen columns

 
0
Votes

Include MAC and IP address in Threat Management screen columns

Include MAC and IP address in Threat Management screen columns
Include MAC and IP address in Threat Management screen columns
2024-11-24 06:55:48 - last edited 2024-11-26 09:26:14
Tags: #IDS/IPS
Model: OC300  
Hardware Version:
Firmware Version:

Under Insights > Threat Management, the columns available aren't very useful, at least for my use case. Adding a MAC address (for local clients) and IP address (source and destination ideally) option to the columns would help immensley. Ideally, these columns would also be sortable and searchable.

 

I use it to detect torrenting clients on the network, which is not allowed due to the difficulty in determing what is legal vs illegal activity on a network with 500 people. If I get a hit with "torrent" in the threat description or P2P in the category, I then have to open the hit and look at the IP address on it. Then I have to take that IP address to the Clients list and figure out what MAC address is associated with it. I need to look at the duration of the connection, and if it's outside of the present time (someone else had that IP address), then I have to go to the Past Connections screen and try that, but I can't just search the IP address, I have to search based on time, because the IP address field isn't searchable on the Past Connections screen. I then take that MAC address to the Hotspot page for the site, and look it up in the Authorized Clients page, which then finally gives me the account and therefore the name of the person so I can disable their accounts and unauthorize their devices per our organization's policies.

 

That's a lot of steps that can be significantly streamlined by just presenting the MAC address and IP address in columns on the threat management screen.

#1
Options
1 Accepted Solution
Re:Include MAC and IP address in Threat Management screen columns-Solution
2024-11-26 09:26:12 - last edited 2024-11-26 09:26:14

  @BHJohnson 

Hello, thank you for posting on the TP-Link community, and we certainly appreciate all your feedback and feature requests here. While we don't have any specific details that I can share around if the feature can come to all the controllers, or when it might, I'll make sure to log this feature request and pass it along to the team.
Feel free to let us know of any other feature requests you may have, we’d be happy to send them up for you.

Recommended Solution
#2
Options
1 Reply
Re:Include MAC and IP address in Threat Management screen columns-Solution
2024-11-26 09:26:12 - last edited 2024-11-26 09:26:14

  @BHJohnson 

Hello, thank you for posting on the TP-Link community, and we certainly appreciate all your feedback and feature requests here. While we don't have any specific details that I can share around if the feature can come to all the controllers, or when it might, I'll make sure to log this feature request and pass it along to the team.
Feel free to let us know of any other feature requests you may have, we’d be happy to send them up for you.

Recommended Solution
#2
Options